Tags » XSS

Web Application Penetration Testing for Beginners Part 11 – DOM Based XSS

DOM based/local XSS is similar to reflected XSS but with a little twist. In reflected XSS, the server-side code (PHP, Java, C#, etc.) takes the attacker's malicious script, embeds it into the response and serves it to the victim's browser.

Web App Security

Web Application Penetration Testing for Beginners Part 5 – Stored XSS

In the last article, we saw how we can perform XSS even when <script> tags are not allowed. Let’s see type two of XSS – Stored XSS.

Web App Security

XSS #Babylon

XSS= http://traductor.babylon.com/ingles/a-espanol/

Vector=  ‘><img src=x onerror=prompt(document.cookie)>

Risk=High

XSS

SQL Server Update Fixes XSS and DoS Vulnerability

Severity: Medium

Summary:

  • These vulnerabilities affect: Most current versions of SQL Server
  • How an attacker exploits it: Various, including enticing someone to click a specially crafted link…
Security Updates

Flickr Cross-Site Request Forgery Vulnerability Patched

Yahoo-owned Flickr, one of the biggest online photo management and sharing websites in the world, was recently impacted by a web application vulnerability, which could allow an attacker to modify users’ profile images.

Hacking

XSS Vulnerability on BBM for Android

Ohai guys,
last night I found Cross Scripting (XSS) on the BBM app for Android.
I don’t know if this code is dangerous or not, cause I am not a hacker or computer programmer btw ;)

Story

Moodle 2.7 Persistent XSS

Overview

I hope you all have heard about the Moodle project. The full form of Moodle is Modular Object-Oriented Dynamic Learning Environment. This project is a free open-source project which focuses on teaching and learning online courses effectively.